c:\windows\system32\rundll32.exe missing

 
n°437365
jnfr
Posted on 24-02-2007 at 17:24:20
 

Hello,
I have read a few threads and saw that I am not the only one to have had this problem. When I go into the Control Panel and try to open Add/Remove Programs, or System, and others as well, a window opens and tells me that Windows cannot find c:\windows\system32\rundll32.exe.
Thanks to the older posts I got a head start, so here are the eScan and HijackThis reports, in the hope that you can help me.
Thanks in advance
 
 
File C:\WINDOWS\system32\grumfuyk.dll infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.
File C:\WINDOWS\PolicyVerifier.exe tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\alxyovqy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\etqhejua.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\gbjumuws.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\iakcynkd.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\koumcpek.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\ohaiwoww.exe tagged as not-a-virus:AdWare.Win32.Searchcolor.a. No Action Taken.
File C:\WINDOWS\system32\ryvlwvmr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\unvhlsiy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\wttoituy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\xdrlkfql.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\yfcnpqhh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP269\A0060051.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.ft. No Action Taken.
File C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP271\A0060202.dll infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.
File C:\WINDOWS\PolicyVerifier.exe tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\alxyovqy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\etqhejua.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\gbjumuws.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\iakcynkd.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\koumcpek.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\ohaiwoww.exe tagged as not-a-virus:AdWare.Win32.Searchcolor.a. No Action Taken.
File C:\WINDOWS\system32\Policies\PolicyVerifier.exe tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\Policies\replace-update-script.bat tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\Policies\update-script.bat tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\ryvlwvmr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\unvhlsiy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\wttoituy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\xdrlkfql.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\WINDOWS\system32\yfcnpqhh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
 
 
Logfile of HijackThis v1.99.1
Scan saved at 17:17:00, on 24/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TooX\Groom\GroomAgent.exe
C:\WINDOWS\IEXPLORER.exe
C:\WINDOWS\IEXPLORER.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\logiciels\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - Startup: Groom Agent.lnk = C:\Program Files\TooX\Groom\GroomAgent.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messager Wanadoo - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: bw+0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B027F67A-4BF7-42A1-A165-4CD3BF2F69BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
 
 :ange:


Message edited by jnfr on 24-02-2007 at 17:29:25
n°437369
synthexe
Anti-Malware Power
Posted on 24-02-2007 at 18:48:09
 

Hello ;)

Why did you choose 'No action' during the eScan run? Wasn't there the option of quarantine or deletion?

  • Download CCleaner: http://www.ccleaner.com/ccdownload.asp and install it (careful during installation: remember to uncheck the Yahoo toolbar installation that is discreetly offered alongside CCleaner).

Restart in safe mode

  • Relaunch AVG AS then choose the "Scan" tab
  • Then the "Settings" tab
  • Under the question "How to react?", click "Recommended actions" and choose "Quarantine"
  • Click the "Scan" tab again, then run a "Complete system scan"

If an infected file is detected at the end of the scan

  • Click "Apply all actions"
  • Click "Save report" then "Save report as"
  • Save this text file to your desktop.

  • Launch CCleaner by double-clicking CCleaner.exe

-=Removing temporary files=-

  • Go to the "Options" section in the left margin. Go to "Advanced" and uncheck "Only delete files in Windows Temp folder older than 48 hours". Then go back to the "Cleaner" section
  • Make sure to check all the boxes in the left margin (Internet Explorer/Windows Explorer/System/Advanced)
  • Click Analyze
  • Wait for the scan to finish; it can take a little while if this is the first time.
  • Once the scan has finished, click Run Cleaner

-=Removing registry inconsistencies=-

  • Click the Issues icon in the left margin.
  • Then click Scan for Issues
  • Wait while CCleaner scans your registry.
  • Once the scan has finished, check all the entries it has found.
  • You can then click Fix selected issues.
  • If you are not sure of what you are doing, you can choose to back up the checked entries so they can be restored later.

Restart normally.

  • Please download HijackThis (by Merijn) here: http://www.merijn.org/files/hijackthis.zip
  • Unzip it (extract it) into a folder of its own (this is important in order to have access to backups), for example: Mes Documents\hijackthis

(if you are on XP, right-click and choose Extract All)

Quote:

We need to display file extensions in order to rename HijackThis:

  • Open My Computer.
  • "Tools" menu, "Folder Options", "View" tab:
  • Uncheck the box: "Hide extensions for known file types"
  • Click "Apply".

  • Rename hijackthis.exe to aideonline.exe (some malware recognizes the name hijackthis.exe)
  • Double-click hijackthis.exe (aideonline.exe)
  • Click Do a System Scan and Save a Log
  • Notepad opens displaying a report; copy/paste it here.

  • Post me the following 2 reports: AVG-AS and HijackThis.

    Have a good evening ;)
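
The eScan report in the first post repeats several files and leaves most of them with "No Action Taken", which is what the reply asks about. The following is an added example, not part of the original thread: a short Python parser for that line format that removes duplicates and lists the detections still untreated. The function names are hypothetical; the sample lines are copied from the report above.

```python
import re
from collections import Counter

# Two line shapes appear in the eScan report posted above:
#   File <path> infected by "<name>" Virus. Action Taken: <action>.
#   File <path> tagged as <name>. No Action Taken.
LINE_RE = re.compile(
    r'^File (?P<path>.+?) '
    r'(?:infected by "(?P<virus>[^"]+)" Virus\. Action Taken: (?P<action>.+?)\.'
    r'|tagged as (?P<tag>\S+)\. No Action Taken\.)\s*$'
)

# Sample input: lines copied from the report in the first post
# (one of them appears twice there, as it does here).
SAMPLE = r'''
File C:\WINDOWS\system32\grumfuyk.dll infected by "Packed.Win32.Klone.j" Virus. Action Taken: File Renamed.
File C:\WINDOWS\PolicyVerifier.exe tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\alxyovqy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
File C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP269\A0060051.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.ft. No Action Taken.
File C:\WINDOWS\PolicyVerifier.exe tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
File C:\WINDOWS\system32\Policies\update-script.bat tagged as not-a-virus:AdWare.Win32.Agent.bn. No Action Taken.
'''


def parse_report(text):
    """Return one record per unique (path, detection); paths compare case-insensitively."""
    seen, records = set(), []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # blank line or a shape this parser does not know
        name = m.group("virus") or m.group("tag")
        key = (m.group("path").lower(), name)
        if key in seen:
            continue  # same file reported again in a later pass
        seen.add(key)
        records.append({
            "path": m.group("path"),
            "detection": name,
            "action": m.group("action"),  # None means "No Action Taken"
            # Copies kept by XP System Restore live under this folder.
            "restore_point": "\\system volume information\\_restore"
                             in m.group("path").lower(),
        })
    return records


def unresolved(records):
    """Detections the scanner reported but did not act on."""
    return [r for r in records if r["action"] is None]


def by_detection(records):
    """Count unique files per detection name."""
    return Counter(r["detection"] for r in records)


if __name__ == "__main__":
    recs = parse_report(SAMPLE)
    for r in unresolved(recs):
        where = " (restore point copy)" if r["restore_point"] else ""
        print(f'{r["detection"]:45} {r["path"]}{where}')
    print(by_detection(recs).most_common())
```
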

